[Git][security-tracker-team/security-tracker][master] CVE-2016-1000023 was rejected in favour of CVE-2016-10540
Salvatore Bonaccorso
carnil at debian.org
Mon Jun 18 09:22:25 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d672c1bf by Salvatore Bonaccorso at 2018-06-18T10:21:59+02:00
CVE-2016-1000023 was rejected in favour of CVE-2016-10540
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -37859,7 +37859,10 @@ CVE-2016-10541 (The npm module "shell-quote" 1.6.0 and earlier cannot
NOTE: https://nodesecurity.io/advisories/117
NOTE: nodejs not covered by security support
CVE-2016-10540 (Minimatch is a minimal matching utility that works by converting glob ...)
- TODO: check
+ - node-minimatch <unfixed> (unimportant)
+ NOTE: https://nodesecurity.io/advisories/118
+ NOTE: https://github.com/isaacs/minimatch/commit/6944abf9e0694bd22fd9dad293faa40c2bc8a955
+ NOTE: libv8 is not covered by security support
CVE-2016-10539 (negotiator is an HTTP content negotiator for Node.js and is used by ...)
- node-negotiator 0.6.1-1 (unimportant)
NOTE: https://nodesecurity.io/advisories/106
@@ -96108,10 +96111,6 @@ CVE-2016-6223 (The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.
NOTE: Upstream patch: https://github.com/vadz/libtiff/commit/0ba5d8814a17a64bdb8d9035f4c533f3f3f4b496
CVE-2016-1000023
REJECTED
- - node-minimatch <unfixed> (unimportant)
- NOTE: https://nodesecurity.io/advisories/118
- NOTE: https://github.com/isaacs/minimatch/commit/6944abf9e0694bd22fd9dad293faa40c2bc8a955
- NOTE: libv8 is not covered by security support
CVE-2016-6213 (fs/namespace.c in the Linux kernel before 4.9 does not restrict how ...)
- linux 4.8.11-1
[jessie] - linux 3.16.43-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d672c1bf4622b03daeffc1cf703855d6e1ed9356
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d672c1bf4622b03daeffc1cf703855d6e1ed9356
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180618/90532d9f/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list